package com.haoqizhe.kernel.shiro.controller;

import com.haoqizhe.kernel.annotation.ResponseResult;
import com.haoqizhe.kernel.commons.exceptions.PermissionForbiddenException;
import com.haoqizhe.kernel.commons.exceptions.UserNotLoginException;
import com.haoqizhe.kernel.shiro.userdetails.UserInfoService;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

/**
 * 用户登录 参考样例
 *
 * @author haoqizhe.li
 * @date 2018/12/17
 **/
@Slf4j
@ResponseResult
@RestController
@Api(value = "用户登录平台相关接口", tags = {"用户登录平台相关接口"})
@Validated
public class LoginDemo {
    @Autowired
    private UserInfoService userInfoServiceImpl;

//    @ApiOperation(
//            value = "用户登录",
//            notes = "用户登录,获取菜单权限信息及sessionId"
//    )
//    @PostMapping("/demo/login")
//    public Object login(@RequestBody @Validated(GroupUpdate.class) LoginParamsVO loginParams, HttpSession session) throws Exception {
//        Subject subject = SecurityUtils.getSubject();
//        String userPassword = loginParams.getPassword();
//        UsernamePasswordToken token = new UsernamePasswordToken(JSONUtil.toJsonPrettyStr(loginParams), userPassword);
//        try {
//            UserBaseEntity sysUser = userInfoServiceImpl.getUserInfo(loginParams);
//            if (sysUser == null) {
//                throw new BusinessException(ResultCode.USER_IS_NOT_VALID, null, sysUser.getUserAccount());
//            }
//            //登录shiro,包括密码校验 获取权限信息等
//            subject.login(token);
//            //清空密码
//            sysUser.setUserPassword(null);
//            //返回用户信息给前端
//            return sysUser;
//        } catch (IncorrectCredentialsException e) {
//            log.error(e.getMessage(), e);
//            throw new BusinessException(ResultCode.USER_LOGIN_ERROR);
//        } catch (LockedAccountException e) {
//            log.error(e.getMessage(), e);
//            throw new BusinessException(ResultCode.USER_ACCOUNT_FORBIDDEN);
//        } catch (AuthenticationException e) {
//            log.error(e.getMessage(), e);
//            throw new BusinessException(ResultCode.USER_NOT_EXIST);
//        }
//    }

    @ApiOperation(
            value = "用户没有权限默认访问的接口",
            notes = "用户没有权限默认访问的接口"
    )
    @GetMapping("/unauthorized")
    public void unauthorized() {
        throw new PermissionForbiddenException();
    }

    @ApiOperation(
            value = "用户没有登录默认访问接口",
            notes = "用户没有登录默认访问接口"
    )
    @GetMapping("/notLogin")
    public void notLogin() {
        throw new UserNotLoginException();
    }

}
